So like many people that have posted here I have used dig in every configuration that I can think of and have still had no luck. If someone could provide a helping hand it would be most appreciated. Please PM me.
Hi I stuck on “more secrets” edit … is ok
Hi, any help for elasticity ? (The last flag to finish the lab for me)
@christrc said:
Hi, any help for elasticity ? (The last flag to finish the lab for me)
I think my post 3 posts above yours might give you a hint.
In return, you could perhaps give me a hint on how to get over my issue?
ok I think I am nearly there with overflow however I am unable to get my code working.
I am still for the life of me can’t get a reverse shell on to jet, tried netcat, socat and whichever.
for overflow, I am running using burp with socat however, failing.
so it took me over 2 days to get my head around buffer overflows and with help from @FlatMarsSociet and @EvilT0r13
I have had good success with other parts however, I am now stuck with following three
Elasticity
Member Manager
Memo - i have a rough idea of what that is
unable to get a reverse shell from web … any nudges pls ?
which part Command ? PM
@B3ard3d said:
So like many people that have posted here I have used dig in every configuration that I can think of and have still had no luck. If someone could provide a helping hand it would be most appreciated. Please PM me.
I got stuck in overflown, I have the file l***. Any nudges please
Type your comment> @nitinrkz said:
unable to get a reverse shell from web … any nudges pls ?
Nobody says you’re supposed to get a revshell
Type your comment> @FlatMarsSociet said:
Type your comment> @nitinrkz said:
unable to get a reverse shell from web … any nudges pls ?
Nobody says you’re supposed to get a revshell
Huh?
roo@kali:~/hack_the_box/machines$ nc -nvlp 8081
listening on [any] 8081 …
connect to [10.13.14.11] from (UNKNOWN) [10.13.37.10] 36820
bash: cannot set terminal process group (1304): Inappropriate ioctl for device
bash: no job control in this shell
www-data@jet:~/REDACTED$
Type your comment> @FlatMarsSociet said:
Type your comment> @nitinrkz said:
unable to get a reverse shell from web … any nudges pls ?
Nobody says you’re supposed to get a revshell
hey I actually managed to get one had to do some tricks but finally
Apart from that , Any tutorials i can use for overflows ?
could anyone provide a nudge on the Command? I identified an interesting function in SC but I haven’t had any luck exploiting it. Thanks in advance.
Type your comment> @roowashere said:
Type your comment> @FlatMarsSociet said:
Type your comment> @nitinrkz said:
unable to get a reverse shell from web … any nudges pls ?
Nobody says you’re supposed to get a revshell
Huh?
roo@kali:~/hack_the_box/machines$ nc -nvlp 8081
listening on [any] 8081 …
connect to [10.13.14.11] from (UNKNOWN) [10.13.37.10] 36820
bash: cannot set terminal process group (1304): Inappropriate ioctl for device
bash: no job control in this shell
www-data@jet:~/REDACTED$
It’s not because you can, that you really need to.
Sometimes people get stuck looking for a way to get a revshell, while everything they need is right in from of them
Type your comment> @FlatMarsSociet said:
Type your comment> @roowashere said:
Type your comment> @FlatMarsSociet said:
Type your comment> @nitinrkz said:
unable to get a reverse shell from web … any nudges pls ?
Nobody says you’re supposed to get a revshell
Huh?
roo@kali:~/hack_the_box/machines$ nc -nvlp 8081
listening on [any] 8081 …
connect to [10.13.14.11] from (UNKNOWN) [10.13.37.10] 36820
bash: cannot set terminal process group (1304): Inappropriate ioctl for device
bash: no job control in this shell
www-data@jet:~/REDACTED$It’s not because you can, that you really need to.
Sometimes people get stuck looking for a way to get a revshell, while everything they need is right in from of them
That’s fair. In this case, a revshell provided no more towards the objective than was already available. A ‘distraction’, as you say.
Thanks for the timely reminder.
Got some JSON output for elasticity but not sure if the content is supposed to serve as a hint. Stuck on elasticity like most people on the forum apparently…
Can anyone point me in the right direction?
I feel like I’m digging in circles. Anyone able to nudge me in the right direction?
NVM: was being dumb. Now fun with bypass…
@jiggle said:
I feel like I’m digging in circles. Anyone able to nudge me in the right direction?
I’m pretty sure you’ll find the direction you’re supposed to dig in these 8 pages.
Based on an IP, what information could you dig up?
Usually you do the reverse